Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1E9A3866333311F0901BD182DAE4EC9C.roa
File: 1E9A3866333311F0901BD182DAE4EC9C.roa (raw, json)
Hash identifier: EWdautAFo7sgtjxlBqx0/O/KBGQOxFlAdXJImvehwis=
Subject key identifier: 29:96:1B:87:C0:02:88:A3:75:A6:17:23:A6:7C:E1:2A:C6:C3:B1:B5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015599
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1E9A3866333311F0901BD182DAE4EC9C.roa
Signing time: Sat 17 May 2025 15:25:10 +0000
ROA not before: Sat 17 May 2025 15:25:05 +0000
ROA not after: Tue 16 Jun 2026 15:25:05 +0000
asID: 984
IP address blocks: 156.228.165.0/24 maxlen: 24
156.228.173.0/24 maxlen: 24
156.228.192.0/24 maxlen: 24
156.231.0.0/24 maxlen: 24
156.231.11.0/24 maxlen: 24
156.231.16.0/24 maxlen: 24
156.231.17.0/24 maxlen: 24
156.231.18.0/24 maxlen: 24
156.231.19.0/24 maxlen: 24
156.231.20.0/24 maxlen: 24
156.231.21.0/24 maxlen: 24
156.231.22.0/24 maxlen: 24
156.231.23.0/24 maxlen: 24
156.231.24.0/24 maxlen: 24
156.231.25.0/24 maxlen: 24
156.231.26.0/24 maxlen: 24
156.231.27.0/24 maxlen: 24
156.231.28.0/24 maxlen: 24
156.231.29.0/24 maxlen: 24
156.231.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87449 (0x15599)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 17 15:25:05 2025 GMT
Not After : Jun 16 15:25:05 2026 GMT
Subject: CN=6828aa56-e10b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:31:5a:e7:85:1f:2c:0d:12:8d:74:c8:b8:ff:
55:d9:47:b0:42:c8:5d:b7:df:b3:0c:b0:ea:03:3d:
38:91:9f:65:8c:b0:ab:bc:c2:1c:e3:2b:cd:7a:5c:
ea:9f:6f:c6:34:cf:8c:c5:e9:25:20:d9:9c:7a:f4:
15:9e:ee:f3:c8:e8:75:bb:90:2e:47:57:63:b3:8f:
54:71:6f:89:34:66:2f:85:e0:fe:85:44:63:78:62:
d2:d6:7d:90:a5:6e:5b:4f:81:18:4e:b1:0c:72:5d:
3a:df:33:8f:2e:b7:fe:97:da:d0:3c:24:ba:2a:fc:
1c:8f:e6:35:49:9b:7c:dd:95:ac:7b:93:9b:91:11:
72:72:37:1b:3e:ad:5a:0e:4a:cd:c5:45:31:5f:c2:
95:62:d6:dc:ac:a7:04:f5:f1:e5:57:bb:43:3e:38:
31:6b:cb:a6:2a:62:e2:50:72:55:fc:87:0e:8c:28:
f8:ea:91:48:12:49:e8:43:53:5e:22:e1:3b:ce:19:
05:23:eb:5c:67:c1:68:e1:6c:dc:1a:a5:c5:52:92:
90:00:52:f0:84:1a:31:ef:8d:4b:f9:67:65:1d:82:
5c:c4:1d:0c:54:77:11:25:76:c3:b2:91:cd:b5:ad:
e2:ee:e8:8b:df:0d:84:a9:3e:5f:55:eb:14:b6:31:
86:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:96:1B:87:C0:02:88:A3:75:A6:17:23:A6:7C:E1:2A:C6:C3:B1:B5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1E9A3866333311F0901BD182DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.165.0/24
156.228.173.0/24
156.228.192.0/24
156.231.0.0/24
156.231.11.0/24
156.231.16.0-156.231.30.255
Signature Algorithm: sha256WithRSAEncryption
4b:df:5c:e1:7e:ef:b8:c2:9c:95:76:30:5a:26:3a:e4:a0:6e:
84:92:27:a2:96:8b:57:3d:e8:3c:9a:0d:53:9f:22:c6:49:3b:
47:96:44:f8:86:3e:00:2d:3e:8a:93:7d:56:0a:1a:ae:5c:97:
a4:46:1c:2a:db:9b:63:7e:82:56:4b:c0:ba:c7:d6:6a:ce:05:
0f:29:9d:de:a6:a2:ab:da:14:0d:51:5f:81:ae:d8:28:84:17:
92:b2:77:8a:e1:e7:5f:60:87:42:12:67:00:4b:9a:92:fc:ca:
c8:57:f8:62:25:02:cb:04:f8:96:95:a4:5c:03:0a:d9:09:c7:
4a:2c:36:e8:25:bf:3b:8f:67:0c:40:d6:25:f3:ad:6e:e3:ed:
7a:f9:bc:ca:59:01:f8:e9:36:d9:df:41:74:87:92:3d:47:96:
6b:7a:a2:89:ac:64:39:55:da:92:7e:39:46:e9:f2:b6:3c:69:
57:5e:37:7d:8b:36:47:4d:64:6c:11:5e:98:3a:17:78:b6:13:
1c:ca:c9:e8:c6:f9:7b:c9:eb:67:51:68:fa:2a:cd:4e:36:06:
f8:99:40:35:6a:31:41:cd:12:49:ca:3a:57:31:3b:5b:6e:fc:
b5:4b:62:62:98:67:47:80:4b:28:8a:94:c1:c7:ad:2d:b8:1a:
0d:bf:dd:19
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgIDAVWZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTE3MTUyNTA1WhcNMjYwNjE2MTUyNTA1WjAYMRYw
FAYDVQQDEw02ODI4YWE1Ni1lMTBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2DFa54UfLA0SjXTIuP9V2UewQshdt9+zDLDqAz04kZ9ljLCrvMIc4yvN
elzqn2/GNM+MxeklINmcevQVnu7zyOh1u5AuR1djs49UcW+JNGYvheD+hURjeGLS
1n2QpW5bT4EYTrEMcl063zOPLrf+l9rQPCS6Kvwcj+Y1SZt83ZWse5ObkRFycjcb
Pq1aDkrNxUUxX8KVYtbcrKcE9fHlV7tDPjgxa8umKmLiUHJV/IcOjCj46pFIEkno
Q1NeIuE7zhkFI+tcZ8Fo4WzcGqXFUpKQAFLwhBox741L+WdlHYJcxB0MVHcRJXbD
spHNta3i7uiL3w2EqT5fVesUtjGGvQIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFCmW
G4fAAoijdaYXI6Z84SrGw7G1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xRTlBMzg2NjMzMzMxMUYwOTAxQkQxODJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAnOSlAwQAnOStAwQAnOTAAwQA
nOcAAwQAnOcLMAwDBASc5xADBACc5x4wDQYJKoZIhvcNAQELBQADggEBAEvfXOF+
77jCnJV2MFomOuSgboSSJ6KWi1c96DyaDVOfIsZJO0eWRPiGPgAtPoqTfVYKGq5c
l6RGHCrbm2N+glZLwLrH1mrOBQ8pnd6moqvaFA1RX4Gu2CiEF5Kyd4rh519gh0IS
ZwBLmpL8yshX+GIlAssE+JaVpFwDCtkJx0osNuglvzuPZwxA1iXzrW7j7Xr5vMpZ
AfjpNtnfQXSHkj1Hlmt6oomsZDlV2pJ+OUbp8rY8aVdeN32LNkdNZGwRXpg6F3i2
ExzKyejG+XvJ62dRaPoqzU42BviZQDVqMUHNEknKOlcxO1tu/LVLYmKYZ0eASyiK
lMHHrS24Gg2/3Rk=
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:46:52 2025 by rpki-client